JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.55.233

104.207.55.233 was found in our database!

This IP was reported 142 times. Confidence of Abuse is 15%: ?

15%

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.55.233

Whois 104.207.55.233

IP Abuse Reports for 104.207.55.233:

This IP address has been reported a total of 142 times from 16 distinct sources. 104.207.55.233 was first reported on June 11th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 oncord	2026-06-04 21:50:16 (2 days ago)	Form spam	Web Spam
🇩🇪 4server	2026-06-03 17:56:38 (3 days ago)	[WedJun0319:56:31.9546112026][security2:error][pid2090428:tid2090502][client104.207.55.233:0]ModSecu ... show more [WedJun0319:56:31.9546112026][security2:error][pid2090428:tid2090502][client104.207.55.233:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"[\\\\\\\\n\\\\\\\\r]\"atARGS_GET:message.[file\"/etc/apache2/conf.d/modsec_rules/00_asl_zz_strict.conf\"][line\"143\"][id\"390722\"][rev\"5\"][msg\"Atomicorp.comWAFRules:HTTPHeaderInjectionAttackviapayload\(CR/LFdetected\)\"][data\"MatchedData:\\\\x0dfoundwithinARGS_GET:message:Hello\\\\x0d\\\\x0a\\\\x0d\\\\x0aInsertnewbeauty-pully.chinGoogleSearchIndexsoitcanshowupingooglesearchresults\!\\\\x0d\\\\x0a\\\\x0d\\\\x0aInsertnewbeauty-pully.chnow:https://searchregister.info\"][severity\"CRITICAL\"][hostname\"newbeauty-pully.ch\"][uri\"/contact-us.html\"][unique_id\"aiBqz1dmnMm_yT2RgyKtnQAAAIw\"]\,referer:http://newbeauty-pully.ch/contact-us.html show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 09:08:02 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 04:07:54.929787 2026] [security2:error] [pid 7020:tid 7040] [client 104.207.55.233:43675] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metrobaselexpoforum.org"] [uri "/.env.save"] [unique_id "aY7p6vAxSgCXV6M-D16sBQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-02-13 07:40:01 (3 months ago)	Multiple WAF Violations	Web App Attack
🇳🇱 debestelapp	2026-02-13 06:55:03 (3 months ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 06:06:37 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:06:29.350643 2026] [security2:error] [pid 1302:tid 1302] [client 104.207.55.233:53303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mccachren.org"] [uri "/.env.staging"] [unique_id "aY6_Zebo3ArBdxcZwIhukQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 05:19:14 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 00:19:09.567812 2026] [security2:error] [pid 7478:tid 7478] [client 104.207.55.233:30149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "matterofbritain.com"] [uri "/new/.git/config"] [unique_id "aY60Tby5gCzi2YoiCUHhLgAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:26:58 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:26:51.559876 2026] [security2:error] [pid 30383:tid 30383] [client 104.207.55.233:44949] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "martintommer.com"] [uri "/.env.production"] [unique_id "aY6oC6FdAyNk9Pa9auVx2AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-13 04:04:48 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 23:04:44.785443 2026] [security2:error] [pid 16090:tid 16090] [client 104.207.55.233:21145] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "markrikey.com"] [uri "/v2/.git/config"] [unique_id "aY6i3D3fu69H1RSfnZy8bgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 SCHAPPY	2026-02-13 03:38:21 (3 months ago)	Critical web app attack detected. Restricted File Access Attempt	Web App Attack
🇳🇱 Mangelot Hosting	2026-02-13 03:20:55 (3 months ago)	(modsecurity) srv201 ModSecurity 104.207.55.233 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; D ... show more (modsecurity) srv201 ModSecurity 104.207.55.233 (DE/Germany/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-02-12 23:00:18 (3 months ago)	Auto-ban: >3000 req/min op 2026-02-12	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-02-12 17:21:19 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 12:21:11.806443 2026] [security2:error] [pid 3181:tid 3181] [client 104.207.55.233:56353] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daveroozendaal.com"] [uri "/.env"] [unique_id "aY4MB0wSQaq3QhKT8Xh8XwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-12 00:37:28 (3 months ago)	104.207.55.233 - - [12/Feb/2026:00:37:28 +0000] "GET http://gastaldi.biz/test/.git/config HTTP/1.1" ... show more 104.207.55.233 - - [12/Feb/2026:00:37:28 +0000] "GET http://gastaldi.biz/test/.git/config HTTP/1.1" 404 436 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-11 00:16:57 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.55.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 19:16:53.236478 2026] [security2:error] [pid 25759:tid 25759] [client 104.207.55.233:62507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "furballaudio.com"] [uri "/backend/.env"] [unique_id "aYvKdcxx4JHBvz0FPqoxQgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 142 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 159.223.196.51

🇹🇭 147.50.231.36

🇯🇵 47.245.1.98

🇳🇱 193.176.31.215

🇩🇪 185.233.107.116

🇵🇰 175.107.37.51

🇺🇸 156.229.163.164

🇺🇸 69.63.184.8

🇺🇸 45.79.207.252

🇸🇬 45.78.206.111

🇨🇳 42.123.124.192

🇷🇺 5.165.19.3

🇹🇷 213.43.13.6

🇺🇸 162.216.149.180

🇮🇳 159.89.163.223

🇫🇮 147.185.133.248

🇺🇸 147.185.132.108

🇹🇭 118.194.251.144

🇨🇳 101.33.247.61

🇺🇸 66.132.172.224